Hello Daniel,
Thank you very much for your comments. I have commented on them below and
created corresponding GitHub issues to be addressed soon.
One thing that affects how we address most of the comments is the order of
presentation of MQTT v5 and MQTT v3.1.1.
I completely agree that if the
Hello,
Thanks, Jim, this was helpful, and it also triggered that I go back and
read the introspection section of the core draft again.
>
>
> [JLS] For introspection, but not for a published token, the token could be
> “revoked” by the RS. In this case a new introspection check would lead to
>
From: Cigdem Sengul
Sent: Thursday, May 23, 2019 4:21 AM
To: Jim Schaad
Cc: draft-ietf-ace-mqtt-tls-prof...@ietf.org; ace@ietf.org
Subject: Re: [Ace] Comments on draft-ietf-ace-mqtt-tls-profile
Thank you, Jim, for the comments.
I have created issues corresponding to each one
Thank you, Jim, for the comments.
I have created issues corresponding to each one in the GitHub repository.
We will start working on them, and specifically clarify the issues 1-3
around the CONNECT message.
For 4, MQTT v5 can support a challenge-response; not possible with v3
indeed. Will expand
On 22/05/2019 23:58, Jim Schaad wrote:
5. Is there an intention to provide a "standard" format for the scope field
or just to leave it as ad hoc?
I would be very much in favor of this, or at least provide guidelines to
avoid adding to this: https://www.brandur.org/oauth-scope
/Ludwig
Thanks for the updates from my last message. This has helped quite a bit.
1. A discussion of the use of raw public keys rather than certificates for
the server may be in order. This can refer to the same RPK issues from the
current DTLS document. It may also be that this just uses normal